CN112272145B - Message processing method, device, equipment and machine readable storage medium - Google Patents
Message processing method, device, equipment and machine readable storage medium Download PDFInfo
- Publication number
- CN112272145B CN112272145B CN202011152633.6A CN202011152633A CN112272145B CN 112272145 B CN112272145 B CN 112272145B CN 202011152633 A CN202011152633 A CN 202011152633A CN 112272145 B CN112272145 B CN 112272145B
- Authority
- CN
- China
- Prior art keywords
- message
- destination
- management
- address
- static route
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/58—Association of routers
- H04L45/586—Association of routers of virtual routers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present disclosure provides a message processing method, apparatus, device and machine readable storage medium, the method comprising: receiving a message sent by a tenant end, and acquiring a destination IP address of the message; comparing the static routes learned in advance according to the destination IP addresses of the messages; if the destination IP address matches the static route, forwarding the message to a management side network device associated with the static route; the static route is issued by the management-side network device and learned by the tenant-side network device. According to the technical scheme, the tenant-side network equipment realizes that the tenant end has a multi-outlet network by learning the static route issued by the management-side network equipment, the tenant-side network equipment realizes the intercommunication of renting and managing, the message flow accessing the public network realizes the public network access according to the default scheme, and the message flow needing to access the management area realizes forwarding and access according to the matched static route.
Description
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method, an apparatus, a device, and a machine-readable storage medium for processing a packet.
Background
Firewall Context, a physical firewall device is divided into multiple logical devices through virtualization technology, and each logical device is called a Context. And the exit gateway can realize the communication between the tenant and the external network by configuring the exit gateway by the tenant.
The virtual router is used for carrying out three-layer forwarding on the flow between the virtual subnets, and the virtual router can also realize the inter-access of an internal network and an external network after binding the gateway and the external network.
Route Target, MPLS L3VPN uses BGP extended community attributes (also called VPN Target) to control the distribution of VPN routing information, Export Target attributes implement Route distribution, and Import Target attributes implement Route comparison and addition.
The method is characterized in that the tenants are in mutual communication, the network is isolated based on the tenants in the cloud scene, and the mutual access of the flow of the tenant areas and the flow of the management areas among different tenants is realized.
BGP (Border Gateway Protocol) is a routing Protocol for an autonomous system running over TCP. BGP is the only protocol used to handle networks as large as the internet and is the only protocol that can properly handle multiple connections between unrelated routing domains. BGP builds on the experience of EGP. The main function of the BGP system is to exchange network reachability information with other BGP systems. The network reachability information includes information for listed Autonomous Systems (AS). This information effectively constructs a topology map of the AS interconnect and thus clears the routing loops, while policy decisions may be enforced at the AS level.
At present, a technical scheme for realizing the renting, managing and communicating among different tenants is lacked, and the access from a management network to a tenant area is realized.
Disclosure of Invention
In view of the above, the present disclosure provides a message processing method, a message processing apparatus, an electronic device, and a machine-readable storage medium to at least improve one of the above technical problems.
The specific technical scheme is as follows:
the present disclosure provides a message processing method, which is applied to a tenant-side network device, and the method includes: receiving a message sent by a tenant end, and acquiring a destination IP address of the message; comparing the static routes learned in advance according to the destination IP addresses of the messages; if the destination IP address matches the static route, forwarding the message to a management side network device associated with the static route; the static route is issued by the management-side network device and learned by the tenant-side network device.
As a technical solution, if the destination IP address matches a public network address, the packet is forwarded to the public network through an egress gateway.
As a technical solution, the destination IP address of the static route belongs to a management device network segment, and the next hop is an egress gateway address of the management device; if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including: and if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the management equipment outlet gateway.
As a technical solution, a message sent by a management-side network device is received, and the message is forwarded to a tenant end according to the static route.
The present disclosure also provides a packet processing apparatus, which is applied to a tenant-side network device, and the apparatus includes: the message module is used for receiving a message sent by a tenant end and acquiring a destination IP address of the message; the processing module is used for comparing the static routes learned in advance according to the destination IP addresses of the messages; a forwarding module, configured to forward the packet to a management-side network device associated with a static route when the destination IP address matches the static route; the static route is issued by the management-side network device and learned by the tenant-side network device.
As a technical solution, if the destination IP address matches a public network address, the packet is forwarded to the public network through an egress gateway.
As a technical solution, the destination IP address of the static route belongs to a management device network segment, and the next hop is an egress gateway address of the management device; if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including: and if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the management equipment outlet gateway.
As a technical solution, the forwarding module is further configured to receive a packet sent by the management-side network device, and forward the packet to the tenant end according to the static route.
The present disclosure also provides an electronic device, which includes a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions capable of being executed by the processor, and the processor executes the machine-executable instructions to implement the foregoing message processing method.
The present disclosure also provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the aforementioned message processing method.
The technical scheme provided by the disclosure at least brings the following beneficial effects:
the tenant side network equipment realizes that a tenant end has a multi-outlet network by learning a static route issued by the management side network equipment, realizes the intercommunication of tenant and management by the tenant side network equipment, realizes the public network access by the message flow of the public network according to a default scheme, realizes the forwarding and access of the message flow needing to access the management area according to the matched static route, and realizes the mutual access of the tenant area and the management network which are not under the same tenant, so that the tenant can use the safety service of the management area on one hand, and the management area can monitor the tenant service on the other hand.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments of the present disclosure or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and other drawings can be obtained by those skilled in the art according to the drawings of the embodiments of the present disclosure.
Fig. 1 is a flowchart of a message processing method in an embodiment of the present disclosure;
fig. 2 is a timing diagram of a message processing method according to an embodiment of the present disclosure;
fig. 3 is a block diagram of a message processing apparatus according to an embodiment of the present disclosure;
fig. 4 is a hardware configuration diagram of an electronic device in an embodiment of the present disclosure.
Detailed Description
The terminology used in the embodiments of the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein is meant to encompass any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information in the embodiments of the present disclosure, such information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present disclosure. Depending on the context, moreover, the word "if" as used may be interpreted as "at … …" or "when … …" or "in response to a determination".
The network under the cloud scene is based on tenant isolation, and different tenant flows can not be intercommunicated. However, in some service scenarios, based on the requirements of cost or service demand, the security services of some cloud scenarios need to be deployed centrally in the management area, for example: situation awareness, basic network log collection and asset management; providing service network log acquisition and asset management for tenants according to requirements; vulnerability scanning, namely providing vulnerability scanning service for tenants according to needs; and (4) application monitoring, namely providing an application monitoring service for the tenant according to the requirement.
The security services are deployed in the management area and provide corresponding security service for different tenants. Therefore, the traffic intercommunication between different tenants and the management area is required to complete the customized security service of the tenants.
In a virtual network constructed based on tenants in a cloud scene, the tenants use a virtual router to bind a virtual link layer network and subnetworks thereof, an exit gateway, an external network, a firewall context and a routing table, and different tenants use VPNs for isolation.
In an embodiment, a load balancing instance SLB may be created, an intranet EIP segment is added to the public network address pool, an intranet EIP is allocated from the intranet EIP segment and bound with the SLB, and then a route between the management network and the core firewall is connected. The management network actively accesses the tenant network, the flow of the management network reaches the firewall, the message reaches the virtual IP of the SLB through the route after the NAT mapping of the EIP, and the message is issued to the back-end server according to the load balancing algorithm, namely the real server of the tenant. The tenant network accesses the management network, the back-end server directly accesses the nginx server of the DMZ isolation area, the route between the management network and the nginx is communicated, and the nginx server is used as a directional agent to access the management network. However, this embodiment uses the load balancing device to provide access to the tenant zone from the management network, requires an additional load balancing device, and cannot implement tenant intercommunication between different tenants.
In view of the above, the present disclosure provides a message processing method, a message processing apparatus, an electronic device, and a machine-readable storage medium to at least improve one of the above technical problems.
The specific technical scheme is as follows.
The present disclosure provides a message processing method, which is applied to a tenant-side network device, and the method includes: receiving a message sent by a tenant end, and acquiring a destination IP address of the message; comparing the static routes learned in advance according to the destination IP addresses of the messages; if the destination IP address matches the static route, forwarding the message to a management side network device associated with the static route; the static route is issued by the management-side network device and learned by the tenant-side network device.
Specifically, as shown in fig. 1, the method comprises the following steps:
step S11, receiving a message sent by a tenant end, and acquiring a destination IP address of the message;
step S12, comparing the static routes learned in advance according to the destination IP address of the message;
and step S13, if the destination IP address matches with the static route, forwarding the message to the management side network device associated with the static route.
Wherein the static route is issued by the management-side network device and learned by the tenant-side network device.
The tenant side network equipment realizes that a tenant end has a multi-outlet network by learning a static route issued by the management side network equipment, realizes the intercommunication of tenant and management by the tenant side network equipment, realizes the public network access by the message flow of the public network according to a default scheme, realizes the forwarding and access of the message flow needing to access the management area according to the matched static route, and realizes the mutual access of the tenant area and the management network which are not under the same tenant, so that the tenant can use the safety service of the management area on one hand, and the management area can monitor the tenant service on the other hand.
As a technical solution, if the destination IP address matches a public network address, the packet is forwarded to the public network through an egress gateway.
As a technical solution, the destination IP address of the static route belongs to a management device network segment, and the next hop is an egress gateway address of the management device; if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including: and if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the management equipment outlet gateway.
As a technical solution, a message sent by a management-side network device is received, and the message is forwarded to a tenant end according to the static route.
The embodiment realizes the intercommunication of the tenancy and the management by using multiple outlets, the gateway sets multiple outlets for the flow of the tenancy end, the outlets and the public network have outlet paths and also have outlet paths to the management area network, and the selection of the paths is determined according to the destination address of the flow of the tenancy.
If the traffic is the traffic accessing the public network, the traffic is sent to the firewall context bound by the tenant virtual router according to the default route, and the traffic is sent to the exit gateway to the public network after being checked and released by the firewall rule.
As shown in fig. 2, if the packet flow is a packet flow accessing the management area/management device, a static route is configured on the tenant virtual router of the management area management device, the destination address of the route is the management area network segment, and the next hop is the management area egress gateway address. And reconfiguring an Export Target function of the Route Target attribute of the virtual router in the management area, and issuing the static Route. And an Import Target function of the tenant virtual router Route Target attribute is also configured, and the switching of the VPN is realized through the static Route issued by the virtual router in the BGP learning management area. When the message flow of the tenant reaches the tenant virtual router, the message flow is guided to a management area firewall context according to the learned static route, the VPN of the tenant is matched with the VPN of the management area virtual router, and the message flow is transmitted to a management area outlet gateway and transmitted to a management area network after being checked and released by a firewall rule.
Similarly, when the management area needs to access the tenant end, the configured static route is used for sending an access request message or a response message or other associated messages to the tenant end equipment.
The present disclosure also provides a packet processing apparatus, as shown in fig. 3, which is applied to a tenant-side network device, and the apparatus includes: the message module 31 is configured to receive a message sent by a tenant end, and acquire a destination IP address of the message; a processing module 32, configured to compare a static route learned in advance with a destination IP address of the packet; a forwarding module 33, configured to forward the packet to a management-side network device associated with a static route when the destination IP address matches the static route; the static route is issued by the management-side network device and learned by the tenant-side network device.
As a technical solution, if the destination IP address matches a public network address, the packet is forwarded to the public network through an egress gateway.
As a technical solution, the destination IP address of the static route belongs to a management device network segment, and the next hop is an egress gateway address of the management device; if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including: and if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the management equipment outlet gateway.
As a technical solution, the forwarding module is further configured to receive a packet sent by the management-side network device, and forward the packet to the tenant end according to the static route.
The device embodiments are the same as or similar to the embodiment modes, and are not described in detail herein.
In an embodiment, the present disclosure provides an electronic device, including a processor and a machine-readable storage medium, where the machine-readable storage medium stores machine-executable instructions capable of being executed by the processor, and the processor executes the machine-executable instructions to implement the foregoing message processing method, and from a hardware level, a schematic diagram of a hardware architecture may be as shown in fig. 4.
In one embodiment, the present disclosure provides a machine-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the message processing method described above.
Here, a machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device that can contain or store information such as executable instructions, data, and so forth. For example, the machine-readable storage medium may be: a RAM (random Access Memory), a volatile Memory, a non-volatile Memory, a flash Memory, a storage drive (e.g., a hard drive), a solid state drive, any type of storage disk (e.g., an optical disk, a dvd, etc.), or similar storage medium, or a combination thereof.
The systems, apparatuses, modules or units described in the foregoing embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more software and/or hardware implementations in practicing the disclosure.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Furthermore, these computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
As will be appreciated by one of skill in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (which may include, but is not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only an embodiment of the present disclosure, and is not intended to limit the present disclosure. Various modifications and variations of this disclosure will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the scope of the claims of the present disclosure.
Claims (10)
1. A message processing method is applied to tenant-side network equipment, and is characterized by comprising the following steps:
receiving a message sent by a tenant end, and acquiring a destination IP address of the message;
comparing the static routes learned in advance according to the destination IP addresses of the messages;
if the destination IP address matches the static route, forwarding the message to a management side network device associated with the static route;
the static route is issued by the management-side network device and learned by the tenant-side network device.
2. The method of claim 1,
and if the destination IP address is matched with the public network address, forwarding the message to the public network through an exit gateway.
3. The method of claim 1, wherein the destination IP address of the static route belongs to a management device segment and the next hop is a management device egress gateway address;
if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including:
and if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the management equipment outlet gateway.
4. The method according to claim 1, wherein the message sent by the management-side network device is received, and the message is forwarded to the tenant end according to the static route.
5. A message processing device is applied to a tenant-side network device, and the message processing device comprises:
the message module is used for receiving a message sent by a tenant end and acquiring a destination IP address of the message;
the processing module is used for comparing the static routes learned in advance according to the destination IP addresses of the messages;
a forwarding module, configured to forward the packet to a management-side network device associated with a static route when the destination IP address matches the static route;
the static route is issued by the management-side network device and learned by the tenant-side network device.
6. The apparatus of claim 5,
and if the destination IP address is matched with the public network address, forwarding the message to the public network through an exit gateway.
7. The apparatus of claim 5, wherein the destination IP address of the static route belongs to a management device segment and the next hop is a management device egress gateway address;
if the destination IP address matches a static route, forwarding the packet to a management-side network device associated with the static route, including:
And if the destination IP address of the message is matched with the destination IP address of the static route, forwarding the message to the exit gateway of the management equipment.
8. The apparatus according to claim 5, wherein the forwarding module is further configured to receive a packet sent by the management-side network device, and forward the packet to the tenant end according to the static route.
9. An electronic device, comprising: a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor to perform the method of any one of claims 1 to 4.
10. A machine-readable storage medium having stored thereon machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011152633.6A CN112272145B (en) | 2020-10-26 | 2020-10-26 | Message processing method, device, equipment and machine readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011152633.6A CN112272145B (en) | 2020-10-26 | 2020-10-26 | Message processing method, device, equipment and machine readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112272145A CN112272145A (en) | 2021-01-26 |
| CN112272145B true CN112272145B (en) | 2022-05-24 |
Family
ID=74341676
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011152633.6A Active CN112272145B (en) | 2020-10-26 | 2020-10-26 | Message processing method, device, equipment and machine readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112272145B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112769977B (en) * | 2021-01-27 | 2022-07-29 | 杭州迪普科技股份有限公司 | NAT public network address publishing method and device |
| CN113645081B (en) * | 2021-08-17 | 2024-03-29 | 浪潮思科网络科技有限公司 | Method, equipment and medium for realizing multi-outlet of tenant network in cloud network environment |
| CN113852669B (en) * | 2021-09-03 | 2024-01-12 | 紫光云(南京)数字技术有限公司 | Efficient container cluster deployment method suitable for various network environments |
| CN115208614B (en) * | 2022-05-18 | 2023-09-05 | 北京达佳互联信息技术有限公司 | Traffic scheduling method, device and storage medium |
| CN115996136B (en) * | 2022-09-29 | 2024-03-26 | 华数云科技有限公司 | SDN-based cloud security capability implementation method in multi-tenant scene |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104253751A (en) * | 2014-09-04 | 2014-12-31 | 杭州华三通信技术有限公司 | Multi-role host-based message transmission method and multi-role host-based message transmission equipment |
| CN105939261A (en) * | 2015-09-16 | 2016-09-14 | 杭州迪普科技有限公司 | Method and device for statically configuring VPN routing |
| CN106850432A (en) * | 2017-01-04 | 2017-06-13 | 杭州迪普科技股份有限公司 | A kind of method and device of message forwarding |
| WO2018058903A1 (en) * | 2016-09-28 | 2018-04-05 | 平安科技(深圳)有限公司 | Static route configuration method, terminal and device, and computer-readable storage medium |
| CN109451084A (en) * | 2018-09-14 | 2019-03-08 | 华为技术有限公司 | A kind of service access method and device |
| CN110365557A (en) * | 2018-03-26 | 2019-10-22 | 中兴通讯股份有限公司 | A kind of method and device of network interconnection |
| CN111314368A (en) * | 2020-02-27 | 2020-06-19 | 紫光云技术有限公司 | Method for realizing tube renting intercommunication by using load balancer |
-
2020
- 2020-10-26 CN CN202011152633.6A patent/CN112272145B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104253751A (en) * | 2014-09-04 | 2014-12-31 | 杭州华三通信技术有限公司 | Multi-role host-based message transmission method and multi-role host-based message transmission equipment |
| CN105939261A (en) * | 2015-09-16 | 2016-09-14 | 杭州迪普科技有限公司 | Method and device for statically configuring VPN routing |
| WO2018058903A1 (en) * | 2016-09-28 | 2018-04-05 | 平安科技(深圳)有限公司 | Static route configuration method, terminal and device, and computer-readable storage medium |
| CN106850432A (en) * | 2017-01-04 | 2017-06-13 | 杭州迪普科技股份有限公司 | A kind of method and device of message forwarding |
| CN110365557A (en) * | 2018-03-26 | 2019-10-22 | 中兴通讯股份有限公司 | A kind of method and device of network interconnection |
| CN109451084A (en) * | 2018-09-14 | 2019-03-08 | 华为技术有限公司 | A kind of service access method and device |
| CN111314368A (en) * | 2020-02-27 | 2020-06-19 | 紫光云技术有限公司 | Method for realizing tube renting intercommunication by using load balancer |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112272145A (en) | 2021-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112272145B (en) | Message processing method, device, equipment and machine readable storage medium | |
| EP3172875B1 (en) | Method for performing logical network forwarding using a controller | |
| US10924389B2 (en) | Segment routing based on maximum segment identifier depth | |
| EP3072264B1 (en) | Method for performing network service insertion | |
| JP2020162146A (en) | System and method for distributed flow state p2p setup in virtual networks | |
| CN107624240B (en) | Configuration of network elements for automated policy-based routing | |
| US9185056B2 (en) | System and methods for controlling network traffic through virtual switches | |
| EP3017569B1 (en) | Virtual network | |
| US20150043348A1 (en) | Traffic Flow Redirection between Border Routers using Routing Encapsulation | |
| US20140230044A1 (en) | Method and Related Apparatus for Authenticating Access of Virtual Private Cloud | |
| EP3076602A1 (en) | A method for optimized placement of service-chain-monitoring probes | |
| JP2017529011A (en) | Chaining network service functions in communication networks | |
| US10425327B2 (en) | System and method for routing in software defined networks using a flow header | |
| US11070422B2 (en) | Enabling enterprise segmentation with 5G slices in a service provider network | |
| CN107733795B (en) | Ethernet virtual private network EVPN and public network intercommunication method and device | |
| CN109104364B (en) | Designated forwarder election method and device | |
| CN107395481A (en) | The Egress node protection of broadcast, unknown unicast or multicast service in EVPN topologys | |
| US11463356B2 (en) | Systems and methods for forming on-premise virtual private cloud resources | |
| CN110535744A (en) | Message processing method, device and Leaf equipment | |
| US8718092B2 (en) | Communication network system, network switch and bandwidth control, for site-to-site communications | |
| US20130336284A1 (en) | Controlling communication of data for different user personas | |
| CN108259205B (en) | Route publishing method and network equipment | |
| US10965596B2 (en) | Hybrid services insertion | |
| CN106973016B (en) | Access control method, device and equipment | |
| CN104350710B (en) | Realize FCoE methods, devices and systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |